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DETAILED ACTION 

1. This communication is in response to applicant's response received on July 10, 
2006. 

2. Claims 1.13, and 22-25 are amended. 

Response to Arguments 

Applicants' arguments have been fully considered but they are not persuasive. 

1 . Applicants on page 8, lines 6-7 of the remarks argue that Hadfield does not use 
user information stored in a computer file that is local to said user, as required by each 
independent claim, as amended. 

The examiner respectfully disagrees and asserts that Hadfield discloses (see, for 
example, page 79, lines 24-31; page 168, lines 21-26; page 175,Jines 14-15 and lines 
19-21) a local security scheme to authenticate a user locally. I.e., the local machine that 
a user is logging on to, includes a database that contains user's validation information 
such as user name and password. Thus, Hadfield uses "user information stored in a 
computer file that is local to said user*'. 

2. The examiner, however, in light of the above submission maintains the previous 
rejections while considering the amendments to the claims 1,13, and 22-25 as follows: 
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Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claims 1-3, 6, 9-15 and 19-25 are rejected under 35 U.S.C. 102(b) as being 
anticipated by "Windows NT Server 4 Security Handbook" by Lee Hadfield, Dave 
Hatter, Dave Bixler, 1997 (hereinafter Hadfield). 

Regarding claims 1,13 and 22-25, Hadfield discloses: 

computationaiiy verifying an identity of said user (see, for example, page 80, 
paragraph 4; page 81, paragraphs 2 and 3; pages 168-169; pages 350-351; page 432, 
paragraph 5); and 

computationally verifying a membership of said user with said one or more 
groups (see, for example, page 80, paragraph 4 and 5; page 83, paragraphs 3 and 4 
pages 168-169; page 174. last paragraph), 

wherein said verifying computations are performed substa'ntially simultaneously 
using user information stored in a computer file that is local to said user (see. for 
example, page 81, paragraphs 4-6, where a user's identity and its membership to any 
group is authenticated with a single log-on process that is functionally equivalent to the 
recited verifying computations are performed substantially simultaneously and see, for 
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example, page 79, lines 24-31; page 168, lines 21-26; page 175, lines 14-15 and lines 
19-21, where the user validation information are contained in a local database for 
logging on locally). 

Regarding claims 2 and 14, Hadfield discloses: 

further comprising the step of registering said user with at least one of said one 
or more groups (see, for example, page 29; page 101; page 110; page 275, last 
paragraph; page 281, paragraph 4, where setting up and creating a user account and 
user groups corresponds to the recited registering a user.. .with a group(s)). 

Regarding claims 3 and 15, Hadfield discloses: 

wherein said registering step further comprises the step of said user and said at 
least one of said one or more groups exchanging a respective identifier (see, for 
example, page 29, paragraphs 3 and 4; page 102, paragraph 2; page 1 10; page 432, 
paragraph 5, where a password that correspond to the recited identifier is used to grant 
membership to a user a to a group). 

Regarding claim 6, Hadfield discloses: 

wherein said registering step further comprises the step of creating a registration 
identifier (see, for example, page 29; page 101 ; page 110; page 275, last paragraph; 
page 281 , paragraph 4, where during the process of creating a user account and user 
groups, user/group ID or password that correspond to the recited registration identifier is 
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created and assigned to a particular user or group). 
Regarding claims 9 and 19, Hadfield discloses: 

wherein said verifying computations are performed in a single operation based 
on the El Gamal public key algorithm (see. for example, page 170, paragraphs 1-4, 
where RSA encryption algorithm is employed for authentication process which is 
functionally equivalent to El Gamal public key algorithm and it is a matter of 
implementation). 

Regarding claims 10 and 20, Hadfield discloses: 

wherein said user information is stored on a smart card that provides tamper- 
resistant features (see, for example, page 81 , paragraphs 2 and 3). 

Regarding claims 11 and 21, Hadfield discloses: 

wherein said user information is stored in a memory of a computer (see, for 
example, page 33, paragraph 4; page 68, last paragraph; page 226, last 2 paragraphs; 
page 102, Fig. 4.1, where upon clicking Add button, the user information are saved on a 
disk or hard drive that represent a memory). 

Regarding claim 12, Hadfield discloses: 

wherein a user that satisfies said verifying computations is allowed to access a 
plurality of groups (see, for example, page 28, paragraph 2; page 29, paragraph 4; page 
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81 , paragraph 4; page 110, paragraph 3; pages 112-113, where it demonstrate that an 
authenticated user has the same rights and permissions of the groups that the user has 
membership which corresponds to the recited user... allowed to access a plurality of 
groups). 

Allowable Subject Matter 
Claims 4, 5, 7, 8 and 16-18 are objected to as being dependent upon a rejected 
base claim, but would be allowable if rewritten in independent form including all of the 
limitations of the base claim and any intervening claims. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Abdulhakim Nobahar whose telephone number is 571- 
272-3808. The examiner can nomrially be reached on M-T 8-6. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status infomnation for unpublished applications is available through Private PAIR only. 
For more infomiation about the PAIR system, see http://pair-direct.uspto.gov. Should 
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you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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